Re: [rtcweb] Final plea about SRTP

Roman Shpount <> Fri, 04 May 2012 16:41 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4899521F85D5 for <>; Fri, 4 May 2012 09:41:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.873
X-Spam-Status: No, score=-2.873 tagged_above=-999 required=5 tests=[AWL=0.103, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id phNIh1GEvSn5 for <>; Fri, 4 May 2012 09:41:18 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id BA1C221F85D1 for <>; Fri, 4 May 2012 09:41:18 -0700 (PDT)
Received: by dadz9 with SMTP id z9so4847315dad.39 for <>; Fri, 04 May 2012 09:41:18 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=mjVHUYx8oVE+g3jYVfD4yHvSzdS8x9kZCnqiISjLk6o=; b=Kziy5m4VMt1FOq5GXISShPr8iPR7Yh1qu1ZTxyXD7RgBE0ET6pjD5gFEeUdN1t1FF4 NmIM5F1yVIIADbKRlSoYAo5fec/QIqUjiGn4QlfPQGFkH/tjgseNhCHCM5iHOGigqUv6 U778i06BqIx38ckcOxoX6HmRiRCNonNlqcTbpl5D0hKEcwOPvmTajRBZ9bttQ/V+dP39 Tfnxr93LsJBpmV0m8EdUcD6mZIh0sp785yUTZ7lHLuR/8z74ylgkx4fQ9yX/E5FMj3Fp gw1pxuwyJFC0epbK7tEz713HEw6dSfIamrSukTpnAgMV5vBqg29bp6o0sq5iCKINuFPk DKAQ==
Received: by with SMTP id oc3mr20549614pbb.68.1336149674139; Fri, 04 May 2012 09:41:14 -0700 (PDT)
Received: from ( []) by with ESMTPS id ms7sm1672036pbb.19.2012. (version=TLSv1/SSLv3 cipher=OTHER); Fri, 04 May 2012 09:41:12 -0700 (PDT)
Received: by pbcwy7 with SMTP id wy7so4142977pbc.31 for <>; Fri, 04 May 2012 09:41:11 -0700 (PDT)
MIME-Version: 1.0
Received: by with SMTP id hs1mr19885690pbc.6.1336149671071; Fri, 04 May 2012 09:41:11 -0700 (PDT)
Received: by with HTTP; Fri, 4 May 2012 09:41:10 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <BLU169-DS251D322307BC173FD221AE932F0@phx.gbl> <> <>
Date: Fri, 04 May 2012 12:41:10 -0400
Message-ID: <>
From: Roman Shpount <>
To: Magnus Westerlund <>
Content-Type: multipart/alternative; boundary="047d7b15b17182ce3e04bf38966d"
X-Gm-Message-State: ALoCoQmSzoDojO8FTVuTF3HqV7kQSfj7aFXdNBQlaSH+/n8ttOclUJsKa6wA2LXg8OYgmdP+m1Ux
Cc: "" <>
Subject: Re: [rtcweb] Final plea about SRTP
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 04 May 2012 16:41:19 -0000

On Fri, May 4, 2012 at 2:21 AM, Magnus Westerlund <> wrote:

> In my role as a WG chair I have to say that the decision to make SRTP
> mandatory to use for WebRTC had a very strong consensus behind it. Yes,
> there are some few individuals like yourself that are on the rough side
> of this decision.

Let's hope this will work in real life use cases. If it does not (which is
what I believe, but I can certainly be wrong), then RTP can be put back at
1.1 version of the standard.

 I think the bid-down problem is one of the largest for most people.

I do not think we need to support auto-negotiation of RTP vs SRTP. Also,
RTP should not be allowed from HTTPS sessions, so I do not think bid down
is a problem at all.

I also see a great benefit with always using SRTP, in that we will get rid
> of RTP profile
> negotiation. There will be no need to support any other RTP profile than

I do see a benefit of using one RTP profile only, but this will require
WebRTC to use yet another feature that had almost no real life use. This
will also ensure that RTCP will need to be re-encoded (as probably RTP)
when processing calls to anything outside of WebRTC world.
Roman Shpount